Streamline Key Management Across Multiple Cloud Services

CipherTrust Cloud Key Manager

For virtually every organization today, the adoption of multiple cloud services continues to expand—and so does the use of encryption. As the proliferation of encryption continues, so do the number of keys, and the potential risks. With the CipherTrust Cloud Key Manager, your organization can establish strong controls over encryption keys and policies for data encrypted by cloud services.

Overview

Use of multiple cloud services has become the new normal of corporate computing. Users are relying upon cloud-delivered applications and cloud-resident workloads for business-critical purposes, resulting in sensitive data being stored across multiple public cloud environments and on-premises, resulting in both multi- and hybrid clouds. As such, the same enterprise-class data security and compliance tools and processes employed to protect on-premises data to meet and maintain compliance with industry regulations must be applied to this hybrid- and multi-cloud reality.

While many cloud services now offer native and third-party encryption options, including bring your own key (BYOK),challenges remain, such as operationalising encryption key lifecycle management centrally, across multiple cloud services.

Contact ID-3 to help you with the following critical services:

CipherTrust Cloud Key Manager Implementation

Workshops and Awareness Training

Documentation and Procedures

Advanced Encryption Protects What Cloud Providers Will Not!

Thales partners with industry-leading Infrastructure-, Platform- and Software-as-a Service (IaaS, PaaS and SaaS) providers worldwide to support any multi-cloud strategy – public, private or hybrid.

The shared responsibility model is a well-accepted tool to help raise awareness that while cloud providers are responsible for the security of the cloud, cloud buyers are responsible for security of their data in the cloud.

You’re almost certainly responsible for the security of data on your premises and in the cloud. As your workloads migrate to multiple cloud providers, are you confident in the security of your data? Are you in compliance with internal and industry data protection mandates? Is your data protected in the event of a subpoena issued to your cloud provider? Can you move data quickly from one cloud provider to the next? Thales eSecurity cloud security solutions can help answer these multi-cloud security questions.

A specialist Key Management supplier with industry experience can provide the assurance that you are speaking to the right person. We pride ourselves on being at hand to assist your delivery throughout its life-cycle. A single call to connect you to Cloud Key Management expertise which you simply wont find at general re-sellers.

ID-3 Service Support

Unlike other re-sellers ID-3 is the UK’s only service led consultancy and re-seller who can offer comprehensive assistance to support your ITIL related service delivery.

ID-3 offers rapid over the phone or email advice and support to its customers from our team of in-house experts without depending on the vendors.

ID-3 Documentation

Procedures are critical to every service. ID-3 procedures are available to our customers via download from our portal and customised for your environment removing the arduous task of needing to become expert prior to business as usual handover and reducing the time it takes to get the service into production.

CipherTrust Cloud Key Manager leverages the security of the Vormetric Data Security Manager to create keys and store them with FIPS 140-2 security. Safe cloud backup key storage is provided by a key escrow service for supported clouds. You control full key metadata control during upload and for keys in use.

True Multi-Cloud Support

With support for Amazon Web Services, Microsoft Azure, Microsoft Azure Stack, Microsoft Azure Germany and China national clouds, and Salesforce.com, CipherTrust Cloud Key Manager keeps you in control of encrypted data across multiple clouds from a single pane of glass, including across multiple accounts.

Automated Key Rotation

With the click of a button or an API request, keys are marked for automated key rotation on a per-cloud schedule. From then on, CipherTrust Cloud Key Manager performs key rotation automatically with comprehensive logging for IT efficiency and enhanced data security. Key Rotation may be specified for keys without expiration dates, or specifically for keys to be rotated prior to their expiration dates.

Comprehensive Key Management

Deploy CipherTrust Cloud Key Manager with any number of keys already created at your cloud provider. It will synchronize its key database with your provider’s. Key attributes such as expiration rules and usage options are all maintained.

Federated User Access to Key Management

Each cloud service login is authenticated and authorised by the service provider – CipherTrust Cloud Key Manager includes no login data base nor requires AD or LDAP integration. Granular key usage authorization ensures that users see only permitted keys.

The Compliance Tools You Need

CipherTrust Cloud Key Manager has the full range of logs and reports you need for fast compliance reporting, including a per-cloud operational logs and a range of pre-packaged key activity reports.

Implementation Choices that Match Your Needs

CipherTrust Cloud Key Manager is available as a service in the cloud or for on-premises deployment.

“As a Service” combines convenience with control required for many data security mandates. Keys are stored with FIPS 140-2 Level 1 security. There is no need to architect, deploy or maintain a high-availability key management solution on-premises.